Commitc8928d8

committed

Merge branch '2.3' into 2.5

* 2.3: Revert#4651 for 2.3 branch

2 parents7a8e00d +9fee9ee commitc8928d8Copy full SHA for c8928d8

File tree

3 files changed

-49

lines changed

book
- installation.rst
- security.rst
contributing/code
- security.rst

3 files changed

-49

lines changed

`‎book/installation.rst`

Lines changed: 0 additions & 12 deletions

Original file line number	Diff line number	Diff line change
`@@ -288,18 +288,6 @@ them all at once:`
`288`	`288`	`Depending on the complexity of your project, this update process can take up to`
`289`	`289`	`several minutes to complete.`
`290`	`290`
`291`		`-..tip::`
`292`		`-`
`293`		`- Symfony provides a command to check whether your project's dependencies`
`294`		`- contain any know security vulnerability:`
`295`		`-`
`296`		`- ..code-block::bash`
`297`		`-`
`298`		`- $ php app/console security:check`
`299`		`-`
`300`		`- A good security practice is to execute this command regularly to be able to`
`301`		`- update or replace compromised dependencies as soon as possible.`
`302`		`-`
`303`	`291`	`.. _installing-a-symfony2-distribution:`
`304`	`292`
`305`	`293`	`Installing a Symfony Distribution`

`‎book/security.rst`

Lines changed: 0 additions & 29 deletions

Original file line number	Diff line number	Diff line change
`@@ -1293,34 +1293,6 @@ cookie will be ever created by Symfony):`
`1293`	`1293`
`1294`	`1294`	`.. _book-security-checking-vulnerabilities:`
`1295`	`1295`
`1296`		`-Checking for Known Security Vulnerabilities in Dependencies`
`1297`		`-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
`1298`		`-`
`1299`		`-..versionadded::2.5`
`1300`		- The ``security:check`` command was introduced in Symfony 2.5. This command is
`1301`		- included in ``SensioDistributionBundle``, which has to be registered in your
`1302`		`- application in order to use this command.`
`1303`		`-`
`1304`		`-When using lots of dependencies in your Symfony projects, some of them may`
`1305`		`-contain security vulnerabilities. That's why Symfony includes a command called`
`1306`		-``security:check`` that checks your ``composer.lock`` file to find any known
`1307`		`-security vulnerability in your installed dependencies:`
`1308`		`-`
`1309`		`-..code-block::bash`
`1310`		`-`
`1311`		`- $ php app/console security:check`
`1312`		`-`
`1313`		`-A good security practice is to execute this command regularly to be able to`
`1314`		`-update or replace compromised dependencies as soon as possible. Internally,`
`1315`		-this command uses the public `security advisories database`_ published by the
`1316`		`-FriendsOfPHP organization.`
`1317`		`-`
`1318`		`-..tip::`
`1319`		`-`
`1320`		- The ``security:check`` command terminates with a non-zero exit code if
`1321`		`- any of your dependencies is affected by a known security vulnerability.`
`1322`		`- Therefore, you can easily integrate it in your build process.`
`1323`		`-`
`1324`	`1296`	`Final Words`
`1325`	`1297`	`-----------`
`1326`	`1298`
`@@ -1349,4 +1321,3 @@ Learn more from the Cookbook`
`1349`	`1321`
`1350`	`1322`	.. _`online tool`:https://www.dailycred.com/blog/12/bcrypt-calculator
`1351`	`1323`	.. _`frameworkextrabundle documentation`:http://symfony.com/doc/current/bundles/SensioFrameworkExtraBundle/index.html
`1352`		-.. _`security advisories database`:https://github.com/FriendsOfPHP/security-advisories

`‎contributing/code/security.rst`

Lines changed: 0 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -38,8 +38,6 @@ confirmed, the core-team works on a solution following these steps:`
`38`	`38`	#. Publish the post on the official Symfony `blog`_ (it must also be added to
`39`	`39`	the "`Security Advisories`_" category);
`40`	`40`	`#. Update the security advisory list (see below).`
`41`		-#. Update the public `security advisories database`_ maintained by the
`42`		- FriendsOfPHP organization and which is used by the ``security:check`` command.
`43`	`41`
`44`	`42`	`..note::`
`45`	`43`
`@@ -95,11 +93,6 @@ of the downstream projects included in this process:`
`95`	`93`	`Security Advisories`
`96`	`94`	`-------------------`
`97`	`95`
`98`		`-..tip::`
`99`		`-`
`100`		`- You can check your Symfony application for known security vulnerabilities`
`101`		- using the ``security:check`` command. See:ref:`book-security-checking-vulnerabilities`.
`102`		`-`
`103`	`96`	`This section indexes security vulnerabilities that were fixed in Symfony`
`104`	`97`	`releases, starting from Symfony 1.0.0:`
`105`	`98`
`@@ -129,4 +122,3 @@ releases, starting from Symfony 1.0.0:`
`129`	`122`	`.. _Git repository:https://github.com/symfony/symfony`
`130`	`123`	`.. _blog:http://symfony.com/blog/`
`131`	`124`	`.. _Security Advisories:http://symfony.com/blog/category/security-advisories`
`132`		-.. _`security advisories database`:https://github.com/FriendsOfPHP/security-advisories

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commitc8928d8

File tree

3 files changed

3 files changed

`‎book/installation.rst`

`‎book/security.rst`

`‎contributing/code/security.rst`

0 commit comments